<html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta http-equiv="Content-Language" content="fr" /> <link rel="stylesheet" type="text/css" media="screen" href="../style.css" /> <title>Crackme #1</title> </head> <body> <h1>Crackme #1</h1> <?php $url_root = '../'; $rootpath = '../'; require_once $rootpath . 'include/crackme_func.php'; crackme_set_magic_quotes(false); error_reporting(E_ALL); $table = 'crackme1'; $page = $_SERVER['PHP_SELF']; function affiche_article($id) { if (!crackme_check_sql($id)) { crackme_error('<p>Hum, je n\'ai pas réussi à valider tes entrées ... (engueule Victor)</p>'); return -1; } $sql = 'SELECT titre, texte FROM ' . $GLOBALS['table'] . ' WHERE id=' . $id . ' AND secret=0'; $r = crackme_sql_query($sql); if (!$r) { return false; } if (mysql_num_rows($r) == 0) { return 0; }
<?php // Configure l'exercice error_reporting(E_ALL); $rootpath = '../'; $url_root = '../'; $table = 'crackme6'; require_once $rootpath . 'include/crackme_func.php'; crackme_set_magic_quotes(true); ?> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta http-equiv="Content-Language" content="fr" /> <link rel="stylesheet" type="text/css" media="screen" href="../style.css" /> <title>Crackme #6</title> </head> <body> <h1>Crackme #6</h1> <?php crackme_init_sql(); function login($pass) { if ($pass == 'injectionsql') { echo '<div class="article"><p>Mot de passe valide !</p></div>'; crackme_sql_query('TRUNCATE crackme6'); } else { crackme_error('<p>Mot de passe incorrect.</p>'); }